Create a Preauthorization

Create a Preauthorization

Authentication

AuthorizationBearer
Bearer authentication of the form `Bearer <token>`, where token is your auth token. If your platform is using a [proxy](/guides/sca/proxy-management) to take SCA-triggering action on behalf of users, you also need to integrate [mTLS authentication](/guides/sca/platform) and use the `api-mtls` base URL.

Path parameters

ClientIdstringRequired
Platform's API account identifier, associated with the API key.

Request

This endpoint expects an object.
AuthorIdstringRequired
The unique identifier of the user at the source of the transaction.
DebitedFundsobjectRequired
Information about the preauthorized funds.
CardIdstringRequired
The unique identifier of the Card object, obtained during the card registration process.
SecureModeReturnURLstringRequired

Max. length: 255 characters

The URL to which users are automatically returned after 3DS2 if it is triggered (i.e., if the SecureModeNeeded parameter is set to true).

BrowserInfoobjectRequired

Information about the browser used by the end user (author) to perform the payment.

IpAddressstringRequired
The IP address of the end user initiating the transaction, in IPV4 or IPV6 format.
FlowDescriptorobjectOptional

Information about the Owner beneficiaries targeted by the pay-in and its subsequent transfers, who must all be KYC/KYB verified when the pay-in request is made (read more).

If the FlowDescriptor.Beneficiaries is sent in the API request, then:

  • The transaction’s CreditedWalletId holder is disregarded in KYC/KYB checks.
  • ALL UserId values in the array must be one of:
    • OWNER whose KYCLevel is REGULAR
    • PLATFORM

The pay-in Status becomes FAILED with ResultCode 002951 if at least one FlowDescriptor.Beneficiaries.UserId is:

  • PAYER
  • OWNER whose KYCLevel is LIGHT

If the FlowDescriptor.Beneficiaries is not sent in the API request, then the CreditedWalletId holder is subject to KYC/KYB checks. This property is optional for backwards compatibility but is recommended for all pay-in flows, even when the CreditedWalletId holder is a PAYER or the same value as one of the FlowDescriptor.Beneficiaries.

TagstringOptional

Max. length: 255 characters

Custom data that you can add to this object.

SecureModestringOptional

Allowed values: DEFAULT, FORCE, NO_CHOICE

Default value: DEFAULT

The mode applied for the 3DS2 protocol for CB, Visa, and Mastercard. The options are:

  • DEFAULT – Requests an exemption to strong customer authentication (SCA), and thus a frictionless payment experience, if allowed by your Mangopay contract and accepted by the issuer.
  • FORCE – Requests SCA.
  • NO_CHOICE – Leaves the choice to the issuer whether to allow for a frictionless payment experience or to enforce SCA.
StatementDescriptorstringOptional

Max. length: 10 characters; only alphanumeric and spaces

Custom description to appear on the user’s bank statement along with the platform name. Different banks may show more or less information. See the Customizing bank statement references article for details.

CulturestringOptional

Allowed values: One of the supported languages in the ISO 639-1 format: DE, EN, ES, FR, IT, NL, PL, PT.

The language in which the payment page is to be displayed.

BillingobjectOptional

Default values: FirstName, LastName, and Address information of the Shipping object if sent, otherwise of the AuthorId (if address values present).

Information about the billing address.

ShippingobjectOptional

Default values: FirstName, LastName, and Address information of the Billing object if sent, otherwise of the AuthorId (if address values present).

Information about the shipping address.

PreferredCardNetworkstringOptional

Allowed values: VISA, MASTERCARD, CB, MAESTRO

The card network to use, as chosen by the cardholder, in case of co-branded cards.

PaymentCategorystringOptional

Default value: ECommerce

Allowed values: ECommerce, TelephoneOrder

The channel through which the user provided their card details, used to indicate mail-order and telephone-order (MOTO) payments:

  • ECommerce – Payment received online.
  • TelephoneOrder – Payment received via mail order or telephone order (MOTO).
ProfilingAttemptReferencestringOptional

The unique reference generated for the profiling session, used by the fraud prevention solution to produce recommendations for the transaction using the profiling data.

Note: Parameter not returned by the API. Profiling feature available on request – contact Mangopay via the Dashboard for more information.

Response

Success
Idstring

Max. length: 255 characters

The unique identifier of the preauthorization.

Tagstring

Max. length: 255 characters

Custom data that you can add to this object.

CreationDateinteger

Unix timestamp (UTC) of the date and time the object was created.

AuthorIdstring
The unique identifier of the user at the source of the transaction.
FlowDescriptorobject

Information about the Owner beneficiaries targeted by the pay-in and its subsequent transfers, who must all be KYC/KYB verified when the pay-in request is made (read more).

If the FlowDescriptor.Beneficiaries is sent in the API request, then:

  • The transaction’s CreditedWalletId holder is disregarded in KYC/KYB checks.
  • ALL UserId values in the array must be one of:
    • OWNER whose KYCLevel is REGULAR
    • PLATFORM

The pay-in Status becomes FAILED with ResultCode 002951 if at least one FlowDescriptor.Beneficiaries.UserId is:

  • PAYER
  • OWNER whose KYCLevel is LIGHT

If the FlowDescriptor.Beneficiaries is not sent in the API request, then the CreditedWalletId holder is subject to KYC/KYB checks. This property is optional for backwards compatibility but is recommended for all pay-in flows, even when the CreditedWalletId holder is a PAYER or the same value as one of the FlowDescriptor.Beneficiaries.

DebitedFundsobject
Information about the preauthorized funds.
RemainingFundsobject
Information about the remaining preauthorized funds.
AuthorizationDateinteger

Unix timestamp (UTC) of the date and time successful authorization occurred. If authorization failed, the value is null.

Statusstring

Returned values: CREATED, SUCCEEDED, FAILED

The status of the authorization.

PaymentStatusstring

Returned values: WAITING, CANCELED, EXPIRED, VALIDATED

The status of the preauthorization object:

  • WAITING – The remaining preauthorized funds can be captured by making one or several preauthorized pay-ins. Pay-ins can only be made against a preauthorization with the WAITING status.
  • CANCELED – The preauthorization was canceled manually before any preauthorized pay-ins were made, or it was canceled automatically because the authorization failed.
  • EXPIRED – The hold period on the preauthorized funds has ended without any preauthorized pay-ins taking place.
  • VALIDATED – During the hold period: Indicates that all the preauthorized funds have been captured (RemainingFunds is zero) and no more preauthorized pay-ins can be made. After the hold period: Indicates that at least one capture was made during the hold period.
ExpirationDateinteger

Unix timestamp (UTC) of the date and time the hold period ends and the preauthorized funds are released. At the expiration date, the preauthorization’s PaymentStatus changes to EXPIRED if no captures were made or VALIDATED if at least one capture was made.

PayInIdstring

The unique identifier of the pay-in.

ResultCodestring

The code indicating the result of the operation. This information is mostly used to handle errors or for filtering purposes.

ResultMessagestring
The explanation of the result code.
SecureModestring

Returned values: DEFAULT, FORCE, NO_CHOICE

The mode applied for the 3DS2 protocol for CB, Visa, and Mastercard. The options are:

  • DEFAULT – Requests an exemption to strong customer authentication (SCA), and thus a frictionless payment experience, if allowed by your Mangopay contract and accepted by the issuer.
  • FORCE – Requests SCA.
  • NO_CHOICE – Leaves the choice to the issuer whether to allow for a frictionless payment experience or to enforce SCA.
CardIdstring
The unique identifier of the Card object, obtained during the card registration process.
SecureModeReturnURLstring

Max. length: 255 characters

The URL to which users are automatically returned after 3DS2 if it is triggered (i.e., if the SecureModeNeeded parameter is set to true).

SecureModeRedirectURLstring

Max. length: 255 characters

The URL to which to redirect the user to proceed to 3DS2 validation.

SecureModeNeededboolean

Whether or not the SecureMode was used.

PaymentTypestring

Returned values: CARD

The payment type of the preauthorization.

ExecutionTypestring

Returned values: DIRECT

The execution type of the preauthorization.

StatementDescriptorstring

Max. length: 10 characters; only alphanumeric and spaces

Custom description to appear on the user’s bank statement along with the platform name. Different banks may show more or less information. See the Customizing bank statement references article for details.

Culturestring

Returned values: One of the supported languages in the ISO 639-1 format: DE, EN, ES, FR, IT, NL, PL, PT.

The language in which the payment page is to be displayed.

SecurityInfoobject

Information regarding security and anti-fraud tools.

MultiCaptureboolean

Default value: true

Whether multiple captures are activated for the preauthorization.

BrowserInfoobject

Information about the browser used by the end user (author) to perform the payment.

IpAddressstring
The IP address of the end user initiating the transaction, in IPV4 or IPV6 format.
Billingobject

Default values: FirstName, LastName, and Address information of the Shipping object if sent, otherwise of the AuthorId (if address values present).

Information about the billing address.

Shippingobject

Default values: FirstName, LastName, and Address information of the Billing object if sent, otherwise of the AuthorId (if address values present).

Information about the shipping address.

Requested3DSVersionstring

Returned values: V1, V2_1

The 3DS protocol version to be applied to the transaction.

Applied3DSVersionstring

Returned values: V1, V2_1

The 3DS protocol version applied to the transaction.

PreferredCardNetworkstring

Allowed values: VISA, MASTERCARD, CB, MAESTRO

The card network to use, as chosen by the cardholder, in case of co-branded cards.

PaymentCategorystring

Default value: ECommerce

Allowed values: ECommerce, TelephoneOrder

The channel through which the user provided their card details, used to indicate mail-order and telephone-order (MOTO) payments:

  • ECommerce – Payment received online.
  • TelephoneOrder – Payment received via mail order or telephone order (MOTO).
CardInfoobject

Information about the card used for the transaction. If the information or data is not available, null is returned.

AuthenticationResultobject

Information about the authentication result, based on the request made by Mangopay and the decision of the issuer regarding the type of authentication to be enforced (if applicable).